Privacy Policy

With this Privacy Policy, we inform you about the processing of personal data in connection with our activities and operations, including our website under the domain name research-and-medical-chemicals.com. We specifically inform you about why, how, and where we process which personal data. We also inform you about the rights of individuals whose data we process.

For individual or additional activities and operations, we may publish further privacy policies or other information on data protection.

We are subject to Swiss data protection law and, if applicable, foreign data protection law, such as that of the European Union (EU) with the European General Data Protection Regulation (GDPR).

The European Commission recognized with decision of July 26, 2000 that Swiss data protection law ensures adequate data protection. With report of January 15, 2024, the European Commission confirmed this adequacy decision.

1. Contact Addresses

Responsible for the processing of personal data:

Aelmans, Nicolaas
Nicolaas Aelmans
Research and Medical Chemicals Switzerland AG
c/o Real & Partner AG
Schaffhauserstrasse 32
4332 Stein

In individual cases, third parties may be responsible for the processing of personal data, or there may be joint responsibility with third parties.

Data Protection Representation in the European Economic Area (EEA)

We have the following data protection representation according to Art. 27 GDPR:

VGS Datenschutzpartner GmbH
Am Kaiserkai 69
20457 Hamburg
Germany

The data protection representation serves as an additional point of contact for affected individuals and authorities in the European Union (EU) and the rest of the European Economic Area (EEA) for inquiries related to the GDPR.

2. Terms and Legal Bases

2.1 Terms

Affected Person: Natural person whose personal data we process.

Personal Data: All information relating to an identified or identifiable natural person.

Particularly Sensitive Personal Data: Data about union, political, religious, or philosophical views and activities, data about health, intimate sphere, or membership of an ethnic group or race, genetic data, biometric data that uniquely identify a natural person, data about criminal and administrative sanctions or prosecutions, and data about social assistance measures.

Processing: Any handling of personal data, regardless of the means and procedures used, such as querying, matching, adjusting, archiving, storing, reading, disclosing, obtaining, recording, collecting, deleting, revealing, arranging, organizing, storing, changing, disseminating, linking, destroying, and using personal data.

European Economic Area (EEA): Member states of the European Union (EU) as well as the Principality of Liechtenstein, Iceland, and Norway.

2.2 Legal Bases

We process personal data in accordance with Swiss data protection law, particularly the Federal Act on Data Protection (Data Protection Act, DPA) and the Ordinance on Data Protection (Data Protection Ordinance, DPO).

We process â€“ insofar and as far as the European General Data Protection Regulation (GDPR) is applicable â€“ personal data or personal data according to at least one of the following legal bases:

  • Art. 6 para. 1 lit. b GDPR for the necessary processing of personal data to fulfill a contract with the affected person and to carry out pre-contractual measures.
  • Art. 6 para. 1 lit. f GDPR for the necessary processing of personal data to protect legitimate interests â€“ including the legitimate interests of third parties â€“ unless the fundamental freedoms and rights as well as the interests of the affected person prevail. Such interests are particularly the permanent, humane, secure, and reliable exercise of our activities and operations, ensuring information security, protection against misuse, enforcement of our own legal claims, and compliance with Swiss law.
  • Art. 6 para. 1 lit. c GDPR for the necessary processing of personal data to fulfill a legal obligation to which we are subject under applicable law of member states in the European Economic Area (EEA).
  • Art. 6 para. 1 lit e GDPR for the necessary processing of personal data to perform a task that is in the public interest.
  • Art. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the affected person.
  • Art. 6 para. 1 lit. d GDPR for the necessary processing of personal data to protect the vital interests of the affected person or another natural person.
  • Art. 9 para. 2 ff. GDPR for the processing of special categories of personal data, particularly with the consent of the affected persons.

The European General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data and the processing of particularly sensitive personal data as the processing of special categories of personal data (Art. 9 GDPR).

3. Type, Scope, and Purpose of Processing Personal Data

We process the personal data that is necessary to be able to exercise our activities and operations permanently, humanely, securely, and reliably. The processed personal data can particularly fall into the categories of browser and device data, content data, communication data, metadata, usage data, master data including inventory and contact data, location data, transaction data, contract data, and payment data.

We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect during the exercise of our activities and operations, insofar as such processing is legally permissible.

We process personal data, as necessary, with the consent of the affected persons. In many cases, we can process personal data without consent, for example, to fulfill legal obligations or to protect overriding interests. We may also ask affected persons for their consent if their consent is not required.

We process personal data for the duration necessary for the respective purpose. We anonymize or delete personal data, particularly depending on legal retention and limitation periods.

4. Disclosure of Personal Data

We may disclose personal data to third parties, have it processed by third parties, or process it jointly with third parties. Such third parties are particularly specialized providers whose services we use.

We may disclose personal data, for example, to banks and other financial service providers, authorities, educational and research institutions, consultants and lawyers, interest groups, IT service providers, cooperation partners, credit and economic information agencies, logistics and shipping companies, marketing and advertising agencies, media, organizations and associations, social institutions, telecommunications companies, and insurance companies.

5. Communication

We process personal data to be able to communicate with individuals as well as with authorities, organizations, and companies. In doing so, we particularly process data that an affected person transmits to us when contacting us, for example, by postal mail or email. We can store such data in an address book or with comparable tools.

Third parties who transmit data about other persons to us are obliged to independently ensure the data protection of these affected persons. They must particularly ensure that such data is correct and may be transmitted.

We use selected services from suitable providers to enable and improve communication with individuals and other communication partners. We can also manage and otherwise process the data of affected persons beyond direct communication with such services.

6. Data Security

We take appropriate technical and organizational measures to ensure data security appropriate to the respective risk. With our measures, we particularly ensure the confidentiality, availability, traceability, and integrity of the processed personal data, without being able to guarantee absolute data security.

Access to our website and our other online presence is via transport encryption (SSL / TLS, particularly with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers warn before visiting websites without transport encryption.

Our digital communication is subject â€“ as basically any digital communication â€“ to mass surveillance without cause and suspicion by security authorities in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We cannot directly influence the corresponding processing of personal data by intelligence services, police stations, and other security authorities. We also cannot rule out that an affected person is specifically monitored.

7. Personal Data Abroad

We process personal data primarily in Switzerland and the European Economic Area (EEA). However, we can also export or transmit personal data to other countries, particularly to process or have it processed there.

We can export personal data to all countries on Earth and elsewhere in the universe, provided that the local law ensures adequate data protection according to decision of the Swiss Federal Council and â€“ insofar and as far as the General Data Protection Regulation (GDPR) is applicable â€“ also according to decision of the European Commission.

We can transmit personal data to countries whose law does not ensure adequate data protection, provided that data protection is ensured for other reasons, particularly based on standard data protection clauses or with other suitable guarantees. Exceptionally, we can export personal data to countries without adequate or suitable data protection if the special data protection requirements are met, for example, the explicit consent of the affected persons or a direct connection with the conclusion or execution of a contract. We are happy to provide affected persons with information about any guarantees or provide a copy of any guarantees upon request.

8. Rights of Affected Persons

8.1 Data Protection Claims

We grant affected persons all claims according to the applicable data protection law. Affected persons have the following rights in particular:

  • Information: Affected persons can request information about whether we process personal data about them and, if so, which personal data it is. Affected persons also receive the information necessary to assert their data protection claims and ensure transparency. This includes the processed personal data as such, but also information about the purpose of processing, the duration of storage, any disclosure or export of data to other countries, and the origin of the personal data.
  • Correction and Restriction: Affected persons can have incorrect personal data corrected, incomplete data completed, and the processing of their data restricted.
  • Deletion and Objection: Affected persons can have personal data deleted (“right to be forgotten”) and object to the processing of their data with effect for the future.
  • Data Release and Data Transfer: Affected persons can request the release of personal data or the transfer of their data to another responsible party.

We can defer, restrict, or refuse the exercise of the rights of affected persons within the legally permissible framework. We can inform affected persons about any conditions that must be met for the exercise of their data protection claims. For example, we can refuse information with reference to confidentiality obligations, overriding interests, or the protection of other persons, in whole or in part. We can also refuse the deletion of personal data, particularly with reference to legal retention obligations, in whole or in part.

We can exceptionally provide for costs for the exercise of rights. We inform affected persons in advance about any costs.

We are obliged to identify affected persons who request information or assert other rights with appropriate measures. Affected persons are obliged to cooperate.

8.2 Legal Protection

Affected persons have the right to enforce their data protection claims in court or to file a complaint with a data protection supervisory authority.

The data protection supervisory authority for private controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

European data protection supervisory authorities are organized as members of the European Data Protection Board (EDPB). In some member states in the European Economic Area (EEA), the data protection supervisory authorities are federally structured, particularly in Germany.

9. Use of the Website

9.1 Cookies

We may use cookies. Cookies â€“ both our own cookies (first-party cookies) and cookies from third parties whose services we use (third-party cookies) â€“ are data stored in the browser. Such stored data does not have to be limited to traditional cookies in text form.

Cookies can be stored temporarily in the browser as “session cookies” or for a specific period as so-called permanent cookies. “Session cookies” are automatically deleted when the browser is closed. Permanent cookies have a specific storage duration. Cookies enable, in particular, the recognition of a browser on the next visit to our website and thus, for example, the measurement of the reach of our website. However, permanent cookies can also be used for online marketing, for example.

Cookies can be completely or partially disabled and deleted in the browser settings at any time. Without cookies, our website may no longer be fully available. We request â€“ at least insofar and as far as necessary â€“ active explicit consent to the use of cookies.

For cookies used for success and reach measurement or advertising, a general objection (“opt-out”) is possible for numerous services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

9.2 Logging

We can log at least the following information for each access to our website and our other online presence, provided that this information is transmitted to our digital infrastructure during such access: date and time including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, accessed individual sub-page of our website including transmitted data volume, last website accessed in the same browser window (referrer).

We log such information, which can also represent personal data, in log files. The information is necessary to be able to provide our online presence permanently, humanely, and reliably. The information is also necessary to ensure data security â€“ also by third parties or with the help of third parties.

9.3 Counting Pixels

We can integrate counting pixels into our online presence. Counting pixels are also referred to as web beacons. Counting pixels â€“ also from third parties whose services we use â€“ are usually small, invisible images or scripts written in JavaScript that are automatically retrieved when accessing our online presence. With counting pixels, at least the same information as in log files can be recorded.

10. Services from Third Parties

We use services from specialized third parties to be able to exercise our activities and operations permanently, humanely, securely, and reliably. With such services, we can, among other things, embed functions and content into our website. In such embedding, the services used must at least temporarily capture the IP addresses of users for technical reasons.

For necessary security-relevant, statistical, and technical purposes, third parties whose services we use can process data related to our activities and operations in an aggregated, anonymized, or pseudonymized manner. This includes, for example, performance or usage data to be able to offer the respective service.

We use in particular:

10.1 Digital Infrastructure

We use services from specialized third parties to be able to use the necessary digital infrastructure in connection with our activities and operations. This includes, for example, hosting and storage services from selected providers.

We use in particular:

10.2 Appointment Scheduling

We use services from specialized third parties to be able to schedule appointments online, for example, for meetings. In addition to this privacy policy, any directly visible conditions of the services used, such as terms of use or privacy policies, also apply.

10.3 Audio and Video Conferences

We use specialized services for audio and video conferences to be able to communicate online. We can, for example, hold virtual meetings or conduct online classes and webinars. For participation in audio and video conferences, the legal texts of the individual services, such as privacy policies and terms of use, apply in addition.

We recommend, depending on the life situation, to mute the microphone by default when participating in audio or video conferences and to blur the background or display a virtual background.

We use in particular:

10.4 Online Collaboration

We use services from third parties to enable online collaboration. In addition to this privacy policy, any directly visible conditions of the services used, such as terms of use or privacy policies, also apply.

We use in particular:

10.5 Fonts

We use services from third parties to be able to embed selected fonts as well as icons, logos, and symbols into our website.

We use in particular:

11. Success and Reach Measurement

We try to measure the success and reach of our activities and operations. In this context, we can also measure the impact of third-party references or check how different parts or versions of our online offering are used (“A/B test” method). Based on the results of success and reach measurement, we can particularly fix errors, strengthen popular content, or make improvements.

For success and reach measurement, the IP addresses of individual users are usually recorded. IP addresses are generally shortened (“IP masking”) in this case to follow the principle of data minimization through the corresponding pseudonymization.

Cookies can be used in success and reach measurement, and user profiles can be created. Any created user profiles include, for example, the individual pages visited or content viewed on our website, information about the size of the screen or browser window, and the â€“ at least approximate â€“ location. Generally, any user profiles are created exclusively pseudonymized and not used to identify individual users. Individual services from third parties, where users are registered, may be able to assign the use of our online offering to the user account or user profile with the respective service.

We use in particular:

12. Final Notes on the Privacy Policy

We can update this privacy policy at any time. We inform about updates in an appropriate form, particularly by publishing the current privacy policy on our website.